Security
Enterprise-grade security, built in from day one
Your analytics data is sensitive. Here is exactly how we protect it at every layer.
Data Storage
- All data stored in Neon PostgreSQL (SOC 2 Type II certified)
- Hosted on AWS infrastructure
- Data encrypted at rest and in transit (TLS 1.2+)
Authentication
- Magic link email authentication (no passwords stored)
- Session tokens with automatic expiry
- Role-based access control (owner, editor, viewer)
Google Integration
- OAuth 2.0 with minimal scopes: read-only for Analytics and Search Console; Tag Manager container edit only if you use GTM auto-deploy
- Tokens encrypted at rest using AES-256-GCM
- No Google passwords are ever stored
- Users can disconnect Google and all tokens are deleted immediately
Data Access
- Your data is never shared with other workspaces
- AI analysis is performed using your configured API key
- We do not train models on your data
Compliance
- GDPR-ready: data deletion available on request
- No tracking cookies on the app itself (only your own GA4/GTM)
- Audit log of all configuration changes
Have security questions?
We are happy to walk through our security posture in detail. Reach out for our full security documentation or to schedule a review.
Contact Security Team